MitM attack in LibreOffice
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2024-5261 |
| CWE-ID | CWE-295 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
LibreOffice Client/Desktop applications / Office applications |
| Vendor | LibreOffice |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Improper Certificate Validation
EUVDB-ID: #VU93313
Risk: Medium
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-5261
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to missing certificate validation within the LibreOfficeKit when calling "curl" to fetch remote resources such as images hosted on web servers. A remote attacker can perform MitM attack.
Install updates from vendor's website.
Vulnerable software versionsLibreOffice: 24.2.0.1 - 24.2.3.2
CPE2.3- cpe:2.3:a:libreoffice:libreoffice:24.2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.2.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.2.3.2:*:*:*:*:*:*:*
https://www.libreoffice.org/about-us/security/advisories/cve-2024-5261
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
